cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
richarc
Newcomer II

How many of you are involved with controls for DevSecOps practices or for securing DevOps or Agile

I am currently tasked with developing controls or standards for our DevOps practices.  We are involved in writing these controls to ensure internal standards are met even in the fast-paced world of Agile or DevOps development and continued in operations.

 

I realize this is a practice that is unique to the company supported, but wondered how widely this is occurring elsewhere.   I would also be interested in learning what the size of the company is to understand where the majority of efforts like this are occurring.

 

DevOps isn't new, but as a practice is fairly new to our company.  I work for a rather large enterprise, with 2000 development teams in the mix under our main CIO.  I would be interested in what others are doing, and possibly seeing if there is an interest in a discussion group.

 

Thank you,

 

Chris

11 Replies
Dnl_AMelo
Viewer

Hi,

 

I´m a member of a Site Reliability Engineers team, our main focus is to keep a private cloud platform reliable and secure, through automation of security tests and hardening in the provisioning of platform resources. For 2018 we're initiating a project with the main goal to formalize a security development life-cycle and adopt agile practices in security and risk management. As an example, we want to use solid techniques in DevOps world, like ChatOps, in incident handling. DevSecOps.org has been our main source for DevSecOps (best) practices.

Miasm1
Newcomer I

Hello Chris,

Developing controls for DevOps practices is a smart move, especially in a large enterprise like yours with numerous development teams. Many companies are embracing DevOps for its agility, but security and standards remain important. Sharing experiences through discussion groups can offer valuable insights